From owner-cvs-src@FreeBSD.ORG  Mon Apr 26 13:07:28 2004
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 12A5116A4D0; Mon, 26 Apr 2004 13:07:28 -0700 (PDT)
Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id E270B43D58; Mon, 26 Apr 2004 13:07:27 -0700 (PDT)
	(envelope-from julian@elischer.org)
Received: from interjet.elischer.org ([24.7.73.28])
          by comcast.net (rwcrmhc13) with ESMTP
          id <2004042620072701500pu93ue>; Mon, 26 Apr 2004 20:07:27 +0000
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA46773;
	Mon, 26 Apr 2004 13:07:25 -0700 (PDT)
Date: Mon, 26 Apr 2004 13:07:24 -0700 (PDT)
From: Julian Elischer <julian@elischer.org>
To: Bosko Milekic <bmilekic@FreeBSD.org>
In-Reply-To: <200404261946.i3QJkqTK090160@repoman.freebsd.org>
Message-ID: <Pine.BSF.4.21.0404261307090.45911-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_jail.c src/sys/net rtsock.c   
 src/sys/netinet raw_ip.c src/sys/sys jail.h
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Apr 2004 20:07:28 -0000

Any plans to MFC?
(please)

On Mon, 26 Apr 2004, Bosko Milekic wrote:

> bmilekic    2004/04/26 12:46:52 PDT
> 
>   FreeBSD src repository
> 
>   Modified files:
>     sys/kern             kern_jail.c 
>     sys/net              rtsock.c 
>     sys/netinet          raw_ip.c 
>     sys/sys              jail.h 
>   Log:
>   Give jail(8) the feature to allow raw sockets from within a
>   jail, which is less restrictive but allows for more flexible
>   jail usage (for those who are willing to make the sacrifice).
>   The default is off, but allowing raw sockets within jails can
>   now be accomplished by tuning security.jail.allow_raw_sockets
>   to 1.
>   
>   Turning this on will allow you to use things like ping(8)
>   or traceroute(8) from within a jail.
>   
>   The patch being committed is not identical to the patch
>   in the PR.  The committed version is more friendly to
>   APIs which pjd is working on, so it should integrate
>   into his work quite nicely.  This change has also been
>   presented and addressed on the freebsd-hackers mailing
>   list.
>   
>   Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
>   PR: kern/65800
>   
>   Revision  Changes    Path
>   1.42      +5 -0      src/sys/kern/kern_jail.c
>   1.108     +13 -2     src/sys/net/rtsock.c
>   1.129     +31 -2     src/sys/netinet/raw_ip.c
>   1.21      +1 -0      src/sys/sys/jail.h
>